CVE-2020-15647

Summary

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox forunspecified < Androidaffected

Weaknesses

  • Arbitrary local file access in Firefox for Android

ADP Enrichment

CVE Program Container

Additional References

References